2629 matches found
CVE-2020-11934
It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...
CVE-2020-11934 Sandbox escape vulnerability via snapctl user-open (xdg-open)
It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...
CVE-2020-11934
It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...
CVE-2020-11934
It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...
GlassWire: Uncontrolled Search Path Element allows DLL hijacking for priv esc to SYSTEM
GlassWire contains a DLL hijacking vulnerability that could allow an authenticated attacker to execute arbitrary code on the targeted system. The vulnerability exists due to GlassWire loading DLL files from the PATH environment variable without verification. The machine should have at least one...
FreeBSD : FreeBSD -- posix_spawnp(3) buffer overflow (f8b46415-c264-11ea-8659-901b0ef719ab)
posixspawnp spawns a new thread with a limited stack allocated on the heap before delegating to execvp for the final execution within that thread. execvp would previously make unbounded allocations on the stack, directly proportional to the length of the user-controlled PATH environment variable...
FreeBSD -- posix_spawnp(3) buffer overflow
Problem Description: posixspawnp spawns a new thread with a limited stack allocated on the heap before delegating to execvp for the final execution within that thread. execvp would previously make unbounded allocations on the stack, directly proportional to the length of the user-controlled PATH...
Qmail SMTP 1.03 - Bash Environment Variable Injection
Exploit Title: Qmail SMTP 1.03 - Bash Environment Variable Injection Date: 2020-07-03 Exploit Author: 1F98D Original Authors: Mario Ledo, Mario Ledo, Gabriel Follon Version: Qmail 1.03 Tested on: Debian 9.11 x64 CVE: CVE-2014-6271 References: http://seclists.org/oss-sec/2014/q3/649...
Apple macOS Catalina ksh shell command execution vulnerability
Apple macOS Catalina is a specialized operating system developed for Mac computers. A security vulnerability in the Apple macOS Catalina ksh handling environment variable allows local attackers to exploit the vulnerability to submit a special request that can execute arbitrary SHELL commands...
Google chrome-launcher OS command injection vulnerability
Google chrome-launcher is a launcher for launching the Chrome browser from Node.js by Google USA. An operating system command injection vulnerability exists in Google chrome-launcher all versions, which can be exploited to execute arbitrary commands by controlling the $ HOME environment variable ...
CVE-2020-7645
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems...
CVE-2020-7645
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems...
CVE-2020-7645
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems...
Linux: Strictly define variable LD_LIBRARY_PATH
Check whether variable LDLIBRARYPATH or any equivalent variable exists in the user environmentroot or other environments. If yes, the variable should refer to the /lib, /usr/lib, /var/lib, /usr/X11R6/lib library only. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be...
glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries
A vulnerability was discovered in glibc where the LDPREFERMAP32BITEXEC environment variable is not ignored when running binaries with the setuid flag on x8664 architectures. This allows an attacker to force system to utilize only half of the memory making the system think the software is 32-bit...
Scientific Linux Security Update : cups on 7.x i686/x86_64 (2020:1050)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2020:1050-1 advisory. - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. CVE-2018-4180,...
CVE-2020-11944
Abe aka bitcoin-abe through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATHINFO environment variable is mishandled during a PageNotFound exception...
CVE-2020-11944
Abe aka bitcoin-abe through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATHINFO environment variable is mishandled during a PageNotFound exception...
Lk Scraper - An Fully Configurable Linkedin Scrape (Scrape Anything Within Linkedin)
Scrapes Any Linkedin Data Installation $ pip install git+git://github.com/jqueguiner/lkscraper Setup Using Docker compose $ docker-compose up -d $ docker-compose run lkscraper python3 Using Docker only forselenium server First, you need to run a selenium server $ docker run -d -p 4444:4444...
CVE-2016-1000107
A flaw was found in the Inets application in Erlang version 22.1 and possibly earlier, where it follows RFC 3875 section 4.1.18 and does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable. This flaw allows remote attackers to redirect an...